Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/I6kna1J74LLEVatH5I7PgscGfG8.roa
File: I6kna1J74LLEVatH5I7PgscGfG8.roa (raw, json)
Hash identifier: ODNnu6FbXzJdYjSnosfEN3oR470BK6DlhF8BsUUH2OU=
Subject key identifier: 23:A9:27:6B:52:7B:E0:B2:C4:55:AB:47:E4:8E:CF:82:C7:06:7C:6F
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0190495D5FA74A4534B7CB21C2CF8CAD44FB
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/I6kna1J74LLEVatH5I7PgscGfG8.roa
Signing time: Mon 24 Jun 2024 08:29:34 +0000
ROA not before: Mon 24 Jun 2024 08:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 82.115.9.0/24 maxlen: 24
89.251.10.0/24 maxlen: 24
91.132.57.0/24 maxlen: 24
103.25.86.0/23 maxlen: 24
159.255.32.0/22 maxlen: 24
188.214.236.0/22 maxlen: 22
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 15:50:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:5d:5f:a7:4a:45:34:b7:cb:21:c2:cf:8c:ad:44:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 24 08:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23a9276b527be0b2c455ab47e48ecf82c7067c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9f:66:cb:77:60:fd:5e:47:cd:b9:a3:1e:9b:
cd:ec:67:3e:05:fa:ae:2d:aa:bf:27:52:c7:94:72:
d4:1b:11:98:8a:b9:8a:3c:9c:d5:91:95:b6:5f:ec:
1d:22:b4:d7:c8:01:7c:ed:ac:be:dc:98:5d:d7:1e:
c6:c1:cf:07:7e:71:39:de:d6:6e:a3:a6:69:3e:ff:
70:89:10:f6:f0:7c:27:c9:99:12:f3:8b:65:b5:8b:
a4:57:e6:d2:6c:dc:fb:fb:c3:70:aa:d3:cd:06:d1:
05:3c:2a:66:db:df:00:6e:0f:59:d9:ec:df:9d:9c:
3b:0f:53:7b:47:b4:24:17:b9:8c:20:e0:e5:26:dc:
27:c7:91:ae:d8:7e:aa:d2:fb:ee:67:dc:e4:aa:40:
20:54:1d:17:97:dc:8c:8f:35:91:d9:6b:c6:73:b6:
bc:f5:7b:07:6a:93:d7:8b:06:3d:9a:b5:50:37:01:
40:0d:3b:80:5a:97:5b:73:75:f6:d6:33:63:e9:f4:
af:78:3a:d1:3c:0e:01:61:be:2d:b9:73:71:0a:f2:
28:6b:1d:16:71:72:0b:15:82:43:ed:0f:17:e6:a2:
a4:c2:c0:f0:de:bd:a9:38:cc:fb:0d:12:97:9d:4c:
7a:6f:7f:12:69:08:67:88:73:5e:04:e7:52:fc:b9:
a7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A9:27:6B:52:7B:E0:B2:C4:55:AB:47:E4:8E:CF:82:C7:06:7C:6F
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/I6kna1J74LLEVatH5I7PgscGfG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.9.0/24
89.251.10.0/24
91.132.57.0/24
103.25.86.0/23
159.255.32.0/22
188.214.236.0/22
188.253.8.0/21
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:b3:8e:c6:24:a4:dd:15:73:79:0b:2b:0c:d9:1c:03:f6:91:
88:56:15:e6:df:b8:46:91:e5:ce:e8:a5:3b:4f:67:a4:43:89:
b4:ec:4e:37:91:3d:10:9f:83:21:b3:1d:bd:0b:82:34:62:46:
83:c4:5c:ee:fe:28:a8:66:d1:f5:71:da:df:a8:c2:40:8a:29:
51:dc:6f:a5:99:e4:8d:27:68:f5:e4:8e:d6:a2:1d:a3:c4:77:
bc:90:99:45:b2:be:79:3d:c4:61:85:34:77:06:db:90:1b:ff:
e1:cc:82:79:26:a5:4c:1b:80:00:0c:72:8e:ae:9c:5e:35:b2:
ed:85:8f:54:1b:9b:3c:77:9d:19:d1:8e:c4:ea:c4:ad:bb:1c:
e5:6a:48:39:41:5e:d1:2b:6a:ac:a9:cf:5a:0f:0a:db:0f:c5:
26:33:0a:2a:fe:bb:03:7a:69:b1:aa:f4:de:01:bc:ba:3c:2d:
be:10:db:86:a6:32:b7:2c:9d:ae:d5:dc:65:03:9c:cc:af:e6:
c6:da:88:af:6f:1b:81:3b:0b:ab:84:58:80:1b:6c:00:ac:9b:
71:ac:f6:d7:60:ff:c8:22:68:0a:c0:26:48:07:a8:f6:45:17:
c4:58:00:c2:e1:c0:f6:1e:57:a4:03:64:fc:b9:8f:29:ff:eb:
68:f5:0b:d9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZBJXV+nSkU0t8shws+MrUT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjI0MDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2E5Mjc2YjUyN2JlMGIyYzQ1NWFiNDdlNDhlY2Y4MmM3MDY3YzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx59my3dg/V5HzbmjHpvN7Gc+Bfqu
Laq/J1LHlHLUGxGYirmKPJzVkZW2X+wdIrTXyAF87ay+3Jhd1x7Gwc8HfnE53tZu
o6ZpPv9wiRD28HwnyZkS84tltYukV+bSbNz7+8NwqtPNBtEFPCpm298Abg9Z2ezf
nZw7D1N7R7QkF7mMIODlJtwnx5Gu2H6q0vvuZ9zkqkAgVB0Xl9yMjzWR2WvGc7a8
9XsHapPXiwY9mrVQNwFADTuAWpdbc3X21jNj6fSveDrRPA4BYb4tuXNxCvIoax0W
cXILFYJD7Q8X5qKkwsDw3r2pOMz7DRKXnUx6b38SaQhniHNeBOdS/LmnxwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCOpJ2tSe+CyxFWrR+SOz4LHBnxvMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvSTZrbmExSjc0TExFVmF0SDVJN1Bnc2NHZkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUnMJAwQA
WfsKAwQAW4Q5AwQBZxlWAwQCn/8gAwQCvNbsAwQDvP0IAwQByoVaAwQC1a0gMA0G
CSqGSIb3DQEBCwUAA4IBAQAbs47GJKTdFXN5CysM2RwD9pGIVhXm37hGkeXO6KU7
T2ekQ4m07E43kT0Qn4Mhsx29C4I0YkaDxFzu/iioZtH1cdrfqMJAiilR3G+lmeSN
J2j15I7Woh2jxHe8kJlFsr55PcRhhTR3BtuQG//hzIJ5JqVMG4AADHKOrpxeNbLt
hY9UG5s8d50Z0Y7E6sStuxzlakg5QV7RK2qsqc9aDwrbD8UmMwoq/rsDemmxqvTe
Aby6PC2+ENuGpjK3LJ2u1dxlA5zMr+bG2oivbxuBOwurhFiAG2wArJtxrPbXYP/I
ImgKwCZIB6j2RRfEWADC4cD2HlekA2T8uY8p/+to9QvZ
-----END CERTIFICATE-----
Generated at Mon Jun 24 20:20:30 2024 by rpki-client on console-ams.rpki-client.org